diff options
| author | Justus Winter <justus@g10code.com> | 2017-03-02 10:41:03 +0100 |
|---|---|---|
| committer | Justus Winter <justus@g10code.com> | 2017-03-02 10:41:03 +0100 |
| commit | 74cb3b230c1f99afc5fd09bccc24186a63b154b0 (patch) | |
| tree | 83f015cb52db758d43af38123768983e6d9e3721 /tests/openpgp | |
| parent | common,tools: Always escape newlines when escaping data. (diff) | |
| download | gnupg2-74cb3b230c1f99afc5fd09bccc24186a63b154b0.tar.xz gnupg2-74cb3b230c1f99afc5fd09bccc24186a63b154b0.zip | |
tests: Log information about ssh, add comments to test.
* tests/openpgp/ssh-import.scm (ssh-version-string): New variable, and
log the binary and version used in the test.
(ssh-supports?): Document how we test what algorithms are supported by
ssh, and log ssh-keygen's replies.
--
We have some trouble with this test on macOS, and adding some more
information in verbose mode will hopefully make tracking down these
problems easier in the future.
GnuPG-bug-id: 2980
Signed-off-by: Justus Winter <justus@g10code.com>
Diffstat (limited to 'tests/openpgp')
| -rwxr-xr-x | tests/openpgp/ssh-import.scm | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/tests/openpgp/ssh-import.scm b/tests/openpgp/ssh-import.scm index 7a4364ceb..d210056b8 100755 --- a/tests/openpgp/ssh-import.scm +++ b/tests/openpgp/ssh-import.scm @@ -36,8 +36,13 @@ (catch (skip "ssh-keygen not found") (set! ssh-keygen (path-expand "ssh-keygen" path))) +(define ssh-version-string + (:stderr (call-with-io `(,ssh "-V") ""))) + +(log "Using" ssh "version:" ssh-version-string) + (define ssh-version - (let ((tmp (:stderr (call-with-io `(,ssh "-V") ""))) + (let ((tmp ssh-version-string) (prefix "OpenSSH_")) (unless (string-prefix? tmp prefix) (skip "This doesn't look like OpenSSH:" tmp)) @@ -45,14 +50,22 @@ (+ 3 (string-length prefix)))))) (define (ssh-supports? algorithm) + ;; We exploit ssh-keygen as an oracle to test what algorithms ssh + ;; supports. (cond ((equal? algorithm "ed25519") + ;; Unfortunately, our oracle does not work for ed25519 because + ;; this is a specific curve and not a family, so the key size + ;; parameter is ignored. (>= ssh-version 6.5)) (else - (not (string-contains? (:stderr (call-with-io `(,ssh-keygen - -t ,algorithm - -b "1009") "")) - "unknown key type"))))) + ;; We call ssh-keygen with the algorithm to test, specify an + ;; invalid key size, and observe the error message. + (let ((output (:stderr (call-with-io `(,ssh-keygen + -t ,algorithm + -b "1009") "")))) + (log "(ssh-supports?" algorithm "), ssh algorithm oracle replied:" output) + (not (string-contains? output "unknown key type")))))) (define keys '(("dsa" "9a:e1:f1:5f:46:ea:a5:06:e1:e2:f8:38:8e:06:54:58") |